From 35a34ac8c834cc617203e16b491aaaf6b24d94c0 Mon Sep 17 00:00:00 2001
From: Tim Neumann <neumantm@fius.informatik.uni-stuttgart.de>
Date: Sun, 6 Aug 2023 18:20:35 +0200
Subject: [PATCH] fix(auth): Protect /storages and /tag endpoints

Resolves: #1
---
 backend/main.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/backend/main.py b/backend/main.py
index 76b6434..6b2f081 100644
--- a/backend/main.py
+++ b/backend/main.py
@@ -111,7 +111,8 @@ def get_items(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)
 
 
 @app.get("/tag/{tag}", response_model=schemas.Item)
-def get_item_by_tag(tag: str, db: Session = Depends(get_db)):
+def get_item_by_tag(tag: str, token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)):
+    check_token(token)
     item = utils.get_item_by_tag(db, tag)
     if not item:
         raise HTTPException(status_code=404, detail="Item not found")
@@ -119,7 +120,8 @@ def get_item_by_tag(tag: str, db: Session = Depends(get_db)):
 
 
 @app.get("/storages", response_model=list[schemas.Storage])
-def list_storages(db: Session = Depends(get_db)):
+def list_storages(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)):
+    check_token(token)
     return utils.get_storages(db)
 
 
-- 
GitLab